Menu visibility control

Video

Events

Startup Surgery

Most Recent

News

Iris Capital launches €250m European tech investment fund

News

Startup Weekly: Welsh tech accelerator calls for applications, Virgin StartUp partners with WeWork and more

Tech City Voices

Culture. There’s no app for that, Kalanick

Press Releases

‘Connected finance’ app Curve hits £50m spend ahead of UK launch
“Coffee, networking and productivity”: Workspace disruptor ‘Lounge’ launches in London
Kompli-Global’s Technology Will Make Life Harder for Money Launderers

Why connected vehicle manufacturers should focus on security

driverless cars
twitterlinkedinFacebookgoogle_plustwitterlinkedinFacebookgoogle_plus

John Smith, principal solutions architect at Veracode, discusses why the connected car poses a significant challenge to the global car industry.

Today is one of the most exciting times in the automotive industry’s history.

Cars are communicating with each other, they’re telling us where available parking spaces are and in some cases they’re even doing the parking for us at the touch of a button.

Why staff wellbeing should top your list of priorities

We are also on the brink of the entirely autonomous car – whereby using technology such as radar, GPS, and computer vision – the car can sense the environment, detect its surroundings and navigate without human input.

To many of us, this will have seemed impossible just years ago.

However, the UK government has already outlined plans to conduct trials of driverless cars on its road network by the end of next year.

Its goal is to establish the UK as a ‘global centre for excellence’ in connected and autonomous vehicles.

The Google challenge

While IDC projects the total market for automotive-related Internet of Things to be worth $140.3bn this year, this revenue is not exclusively driven by vehicle manufacturers.

They now face unprecedented competition for market share from component manufacturers and software companies such as Google and Apple.

Not only have these traditional software vendors launched their own infotainment solutions, to provide drivers with seamless access to their mobile operating systems in the car, they are also developing autonomous vehicles themselves.

While the impact these driverless cars pose to the market is yet to be seen, their internal software solutions for the car is already having a significant influence on the industry.

The infotainment system – once regarded as a high-margin, differentiating feature amongst rival manufacturers – is now at risk to the tech giants.

Cyber liability in the connected car

It’s not just revenue that’s at stake here.

If a car falls victim to a cyber-attack through applications in a third-party infotainment system, and has an accident, who is at fault? Moreover, who should be held responsible if an application downloaded to a car – or linked smartphone – has a vulnerability and puts the safety of the car or personal data at risk? And what constitutes “reasonable” efforts to address and fix vulnerabilities in applications in cars?

These are all questions that need answering.

New research, carried out by International Data Corporation (IDC) and commissioned by Veracode, revealed that drivers are no clearer as to where this responsibility lies.

When asked who should be liable if they downloaded an app that resulted in a vulnerability in their car, the majority of drivers (40%) held themselves responsible, a fifth (20%) pointed a finger at the app developers and manufacturers alike, and 17% blamed the app store.

Three years from safety?

Producing this research paper, IDC also conducted in-depth interviews with leading vehicle manufacturers and – following these briefings – predicts a security lag of up to three years before application systems catch up with cyber threats.

With recent media coverage exposing critical vulnerabilities to applications in connected cars – for example allowing a Jeep Cherokee to be hacked remotely and brought to a standstill via a computer – it is of no surprise that half of British drivers are concerned about the security of the connected car.

Confronting the issues

Driver and passenger safety are clearly of paramount importance, and there are several issues manufacturers – and the government – must address to ensure they get this right.

Manufacturers cannot afford to be complacent when it comes to software and application security.

Based on IDC’s research, it seems they are considering two approaches to securing the connected car.

The first is to completely separate infotainment systems from driver functionality, ensuring no links can be made between their applications.

This is easier said than done, with cars being developed to exchange data with cloud-based applications for GPS mapping or with other cars to share real-time information about traffic patterns and road conditions.

The second approach is for the manufacturer to assume responsibility – if not liability – for the complete car ‘package’, regardless of the software and applications it houses and who has downloaded them.

For the government, clear regulatory standards must be enforced to ensure manufacturers, technology vendors and drivers know exactly where they stand.

Technology developments are taking place faster than the government can bring in new statutes, leaving lawmakers stranded at legislative crossroads.

However, with increasing numbers of connected vehicles on our roads, this is an issue that must be addressed today.

What we’re seeing happen in the car industry is a microcosm of what’s happening in financial services, healthcare and virtually every other sector – applications not developed with security in mind, creating a major area of risk.

The key difference here is that an application vulnerability in a car could put somebody’s life in danger, and that is why manufacturers, technology companies and the government must work together to ensure the safety and security of drivers in this connected age.

Enter your email address to receive updates straight to your inbox

* indicates required
Send me news on...
twitterlinkedinFacebookgoogle_plustwitterlinkedinFacebookgoogle_plus

Editor's picks

Paris

Iris Capital launches €250m European tech investment fund
posted 2 hours ago

Startup Weekly: Welsh tech accelerator calls for applications, Virgin StartUp partners with WeWork and more
posted 6 hours ago

Culture. There’s no app for that, Kalanick
posted 8 hours ago

startup life

Uber’s CEO resigns, over £368m in UK tech funding, a new $3.3bn fund and more in The Week in Tech
posted 11 hours ago

inploi-co-founders

EXCLUSIVE: London-based Inploi raises £500,000, brings total to £1m
posted on June 22, 2017

Peter-Smith-Nic-Cary-Feb-2016

UK-founded tech startup Blockchain secures $40m Series B
posted on June 22, 2017